Remote Scripting with Windows Script Host

Conquer your world of servers from home.

By Don Jones

09/27/2004

Go “On Location” Without Getting
Up
Are you one of those efficient administrators who insists on automating
as many tasks as possible in your environment? Yeah, okay, me too.
Maybe “lazy” is a better word than “efficient,”
but it’s all the same to the boss, right? The hot tool for
automation these days is scripting, whether you consider that to
be writing VBScripts, command-line scripts, KiXtart, ScriptLogic
or whatever. Writing scripts is definitely where it’s at for
automated administration. One problem I’ve had recently, though,
is a number of VBScript-based scripts I’ve written that need
to be run locally on several different servers at about the same
time.

Remember: “Lazy”
I’m well aware of the fact that I could tromp into the datacenter,
load the script on each server, and run it. But some of the servers
are sitting in datacenters on the other side of the planet, and
I can’t afford enough shoe leather to tromp that far. Yeah,
I know — Remote Desktop. Well, it so happens that some of
these are NT 4.0 servers and some of the others don’t have
Remote Desktop (or Terminal Services Remote Admin Mode) enabled.

All is not lost, of course. Windows Script Host (WSH), the bit
that runs VBScripts, is capable of remote scripting. At least, the
latest version (5.6) is capable of it, and that version is available
for everything from Windows 95 and later, including my venerable
NT file servers. WSH’s remote scripting capability can copy
a script from my local machine to each of the remote servers, execute
the script on the remote servers — where it runs locally —
and then report back and tell me how everything went.

Suppose my script was named “c:\maint.vbs,” and that
I needed to run it on a list of computers I’d entered into
a text file named “c:\computers.txt,” listing one server
name per line. Assuming that I’ve already deployed WSH 5.6
to all of these machines, which is easy enough, it’s packages
in an MSI that SMS (or Group Policy) can push right out. Here’s
the script I’d run on my local workstation to deploy the thing:

The WSHController object controls the copying of remote scripts.
The CreateScript() method actually copies the script and returns
an object — oRemote, in my example here — which represents
the remote script. I then use the oRemote object’s Execute()
method to run the remote script and check its Status property to
see if it’s finished or not.

Remote scripting with WSHController might not solve every “lazy
day” problem, but it’s definitely a cool way to push
scripts out to multiple computers (automatically, with the script
I’m using here) and run it.

Micro-Tips

Did you know that you can copy GPOs from one domain to another? GPOs are stored as binary files on domain controllers, but the internals of the file aren’t tied to a specific domain or anything. Just figure out the GPO’s Globally Unique Identifier (GUID) in the source domain; you’ll find the GPO files in a folder named after the GUID, within a DC’s NETLOGON share. Create a new GPO in the target domain, and copy the contents of the GPO into that folder (which will have a different GUID name). Let file replication take place and your GPO is copied.

Do you know how time sync works in an AD domain? It’s critical to the way Kerberos works, so be sure you do. Clients sync with the DC that authenticated them. DCs sync to their domain’s PDC Emulator. PDC emulators sync to their parent domain’s PDC Emulator, up to the forest root PDC Emulator, which should be configured to sync with an authoritative time source, like the U.S. Naval Observatory’s Atomic Clock or your Aunt Sarah’s old grandfather clock, whichever is easier.

Don Jones is a multiple-year recipient of Microsoft’s MVP Award, and is an Author/Evangelist for video training company Pluralsight. Don is also a co-founder and President of PowerShell.org, a community dedicated to Microsoft’s Windows PowerShell technology. Don has more than two decades of experience in the IT industry, and specializes in the Microsoft business technology platform. He’s the author of more than 50 technology books, an accomplished IT journalist, and a sought-after speaker and instructor at conferences worldwide. Reach Don on Twitter at @concentratedDon, or on Facebook at Facebook.com/ConcentratedDon.